Re: Default Block rules

2021-02-09 Thread Wido den Hollander
On 2/9/21 10:22 AM, Hean Seng wrote:
> but if user able to login to Cloudstack, they can edit the security group
> themself right ?
>

Indeed. So you could then create a new Role where that users can't execute the 'egress' commands of the Security Groups.

> I am thinking there is some rules t

Re: Default Block rules

2021-02-09 Thread Hean Seng
but if user able to login to Cloudstack, they can edit the security group themself right ?

I am thinking there is some rules that always highest priority not editable by user. or may only editable by admin

Mainly worry for this is spammer

On Tue, Feb 9, 2021 at 3:49 PM Wido den Hollander wrot

Re: Default Block rules

2021-02-08 Thread Wido den Hollander
On 2/8/21 9:14 AM, Hean Seng wrote:
> Hi
>
> Is that possible to have default block rules for all the VM, Default Block
> SMTP outbound port in iptables
>

We did this by changing the security groups. Egress we only allow:

- TCP 21 and 22
- TCP 26-65534

This way VMs can connect to port 25 o

Re: Default Block rules

2021-02-08 Thread Andrija Panic
Yes, this is something you can configure on firewall (Isolated network) or ACL (on a specific VPC Isolated network). Check the documentation on ACL/firewall.

On Mon, 8 Feb 2021 at 09:15, Hean Seng wrote:
> Hi
>
> Is that possible to have default block rules for all the VM, Default Block
> SMTP